Saturday, May 28, 2022

Network breaches not being caught fast enough, says report

Despite huge amounts of money spent on network defence, organizations are still lagging in the time it takes to detect breaches, according to Verizon Communications’ annual data breach report.
Tuesday’s report, which compiles information from a number of security vendors, service providers and governments around the world, is one of the most comprehensive looks at cyber crime trends.
Among the findings is that in 60 per cent of reported cases, attackers last year were able to compromise an organization within minutes.

“Unfortunately, the proportion of breaches discovered within days still falls well below that of time to compromise,” the report says. “Even worse, the two lines are diverging over the last decade, indicating a growing “detection deficit” between attackers and defenders. We think it highlights one of the primary challenges to the security industry.”
“If you’re desperate for good news,” it adds, “you’ll be happy to see that 2014 boasts the smallest deficit ever recorded and the trend lines appear a bit more parallel than divergent. We’ll see if that’s a trick or a budding trend next year.”
On the other hand, figures from 100,000 organizations showed that half of them experienced 35 or fewer days of caught malware events during an entire calendar year — that is after they had been winnowed down by controls like firewalls, intrusion detection systems (IDS)/intrusion prevention systems (IPS), spam filters, etc., will have already reduced the raw stream of malware.
The sometimes cheeky report tries to spot trends from reported incidents from its many contributors, but can’t quite claim to be scientific: For example, it notes that last year’s report included incidents in 95 countries, but only 61 this year. That should not be interpreted as meaning 34 countries were incident-free, it warns.

Among the trends:
–Incidents vs breaches: There’s a trend that still holds — the biggest per centage of the overall number of security incidents are related to what are called “miscellaneous errors (29 per cent), followed by crimeware (25 per cent); insider misuse (20 per cent) and physical theft/loss (15 per cent).
Despite the headlines, cyber espionage, POS intrusions and payment card skimmers are less than one per cent. In other words, most are people-related.
That may suggest threats are more manageable than pessimists believe.
On the other hand, POS intrusions did make the majority of last year’s confirmed data breaches (28.5 per cent), followed by crimeware (almost 19 per cent) and cyber espionage (18 per cent) among 1,598 breaches.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.